Talkin' Bout [Infosec] News

Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com00:00 - PreShow Banter™ — It’s 8ft skeleton season.02:18 - BHIS - Talkin’ Bout [infosec] News 2025-09-0203:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’20:56 - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 202522:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-842425:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI35:20 - Story # 12: They weren’t lovin’ it - hacker cracks McDonald’s security in quest for free nuggets, and it was apparently not too tricky39:29 - Identify the birds you see or hear with Merlin Bird ID40:04 - Story # 13: Detecting and countering misuse of AI: August 202551:31 - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

Show Notes

Register for FREE Infosec Webcasts, Anti-casts & Summits – 

https://poweredbybhis.com



00:00 - PreShow Banter™ — It’s 8ft skeleton season.

02:18 - BHIS - Talkin’ Bout [infosec] News 2025-09-02

03:07 - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks

07:35 - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’

13:46 - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

17:44 - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K

19:39 - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’

20:56 - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025

22:43 - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424

25:20 - Story # 8: First known AI-powered ransomware uncovered by ESET Research

30:00 - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

32:06 - Story # 10: TransUnion suffers data breach impacting over 4.4 million people

34:17 - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI

35:20 - Story # 12: They weren’t lovin’ it - hacker cracks McDonald’s security in quest for free nuggets, and it was apparently not too tricky

39:29 - Identify the birds you see or hear with Merlin Bird ID

40:04 - Story # 13: Detecting and countering misuse of AI: August 2025

51:31 - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

  • (00:00) - PreShow Banter™ — It’s 8ft skeleton season.
  • (02:17) - BHIS - Talkin' Bout [infosec] News 2025-09-02
  • (03:07) - Story # 1: Salesloft breached to steal OAuth tokens for Salesforce data-theft attacks
  • (07:35) - Story # 2: DSLRoot, Proxies, and the Threat of ‘Legal Botnets’
  • (13:46) - Story # 3: Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
  • (17:44) - Story # 4: Ransomware crooks knock Swedish municipalities offline for measly sum of $168K
  • (19:39) - Story # 5: As crippling cyberattack against Nevada continues, Lombardo says ‘we’re working through it.’
  • (20:56) - Story # 6: Citrix forgot to tell you CVE-2025–6543 has been used as a zero day since May 2025
  • (22:43) - Story # 7: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
  • (25:19) - Story # 8: First known AI-powered ransomware uncovered by ESET Research
  • (30:00) - Story # 9: In the rush to adopt hot new tech, security is often forgotten. AI is no exception
  • (32:05) - Story # 10: TransUnion suffers data breach impacting over 4.4 million people
  • (34:16) - Story # 11: ChickenSec FollowUp: Artificial Intelligence: The other AI
  • (35:20) - Story # 12: They weren't lovin' it - hacker cracks McDonald's security in quest for free nuggets, and it was apparently not too tricky
  • (39:29) - Identify the birds you see or hear with Merlin Bird ID
  • (40:03) - Story # 13: Detecting and countering misuse of AI: August 2025
  • (51:31) - Story # 14: I’m a Stanford student. A Chinese agent tried to recruit me as a spy

What is Talkin' Bout [Infosec] News?

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Monday's at 4:30PM ET